def search_req():
s=rsa_aes(transport_stream(connect(search_host, search_port)))
search=[
List(i=32, d=[
Dword(i=33, d=0x00000000),
Dword(i=34, d=0x00000005),
String(i=35, d='test')
]),
List(i=32, d=[
Dword(i=33, d=0x00000011),
Dword(i=34, d=0x00000000),
Dword(i=35, d=0x00000000)
]),
List(i=32, d=[
Dword(i=33, d=0x00000001),
Dword(i=34, d=0x00000008),
String(i=35, d='test')
]),
List(i=32, d=[
Dword(i=33, d=0x00000011),
Dword(i=34, d=0x00000000),
Dword(i=35, d=0x00000000)
]),
List(i=32, d=[
Dword(i=33, d=0x00000002),
Dword(i=34, d=0x00000009),
String(i=35, d='test')
]),
String(i=38, d='skype'),
Dword(i=36, d=0x00000000),
String(i=4, d=skypename),
String(i=13, d='2/4.3.0.37/172'),
Dword(i=14, d=0xb630882c)
]
print s.execute(0x00004278, search)
def login_req():
e, n, d = rsa_keygen.make_rsa_keypair()
print "Your private key: " + repr((e, n, d))
s=rsa_aes(transport_stream(connect(login_host, login_port)))
pub_key=unhexlify("%0256x" % n)
login=[
Buf(i=33, d=pub_key),
Qword(i=49, d=unhexlify('2c097aeacabba291')), # TODO: compute hostkey1
Numbers(i=51, d=[0xcabba291, 0x9370a68d, 0xafcc1c6e, 0xe16fa568, 0xcabba291]), # TODO: compute hostkey2
String(i=13, d='2/4.3.0.37/172'),
Dword(i=14, d=0x7f000001)
]
response, params = r = s.execute(0x000013a3, login)
print response
cert = getbyid(params, 36)[0].d
dump_profile(cert)
return (e, n, d, cert)
def login_req():
e, n, d = rsa_keygen.make_rsa_keypair()
print "Your private key: " + repr((e, n, d))
s = rsa_aes(transport_stream(connect(login_host, login_port)))
pub_key = unhexlify("%0256x" % n)
login = [
Buf(i=33, d=pub_key),
Qword(i=49, d=unhexlify('2c097aeacabba291')), # TODO: compute hostkey1
Numbers(i=51,
d=[0xcabba291, 0x9370a68d, 0xafcc1c6e, 0xe16fa568,
0xcabba291]), # TODO: compute hostkey2
String(i=13, d='2/4.3.0.37/172'),
Dword(i=14, d=0x7f000001)
]
response, params = r = s.execute(0x000013a3, login)
print response
cert = getbyid(params, 36)[0].d
dump_profile(cert)
return (e, n, d, cert)
